Rather than invest in in-house information technology infrastructure, the emerging business environment is steadily moving away from making capital investments in information technology (IT) infrastructure towards consuming information technology (IT) resources as a service. As such, enterprises contract with cloud providers for Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). SaaS provides the consumer with the capability of using the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based e-mail). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user specific application configuration settings. IaaS provides consumers with the capability to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls). PaaS provides users with the capability to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including networks, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.
The service-based model for IT solutions, including SaaS, IaaS, and PaaS, is referred to Anything as a Service (XaaS). An enterprise utilizes XaaS from a cloud provider and can on an as needed basis and pays based on usage. This model systemic changes for the vendor (of the IT Infrastructure) and the Provider (of XaaS infrastructure) to deliver support and services to the consumer. To this end, current contracts (between the cloud providers and consumers) include service level agreements (SLAs) that include and penalties to cover for losses. SLAs act as a deterrent for the provider to minimize loss. In addition to the existing SLA-driven penalty model to handle failures or deviation, there is also a business need for an Insurance-based model to recover the cost of impact due to failures/deviation.
In existing insurance-based models, a shared resource (e.g., cloud infrastructure) is consumed by a large number of users/enterprises, is faced with the risk of failures due to well-known causes (or adverse events such as an outage, performance degradation, loss/leakage/corruption, compliance issues, etc.) either due to an accident (natural or man-made) or prolonged exposure to risks (such as hackers, etc.). These failures lead to significant losses, including but not limited to, business interruptions for the consumers, loss of credibility for the provider, and/or loss of anticipated savings for the consumers. These losses are calculable and can be mitigated by insuring this shared resource and paying an affordable premium. However, anticipating and generating claims based on this insurance as well as validating these claims can be cumbersome and time-consuming.